Lesson 2: Protecting Your Information | MCSE Training Kit (Exam 70-222): Migrating from Microsoft Windows NT 4.0 to Microsoft Windows 2000 (MCSE Training Kits)

A core component to any good disaster recovery scenario is backing up your systems. In this lesson, you'll learn how to decide when to perform backups, what to back up, and how to ensure that backups are useful.

After this lesson, you will be able to

Plan the backup of information during a migration.
Take and manage backups.

Estimated lesson time: 30 minutes

It is assumed that you'll have a backup regime in place prior to the migration. The backup policy might consist of full backups at regular intervals and differ-ential or incremental backups in between. Depending on the arrangement of resources on the network, the user files might be backed up separately from the Windows NT information, or in conjunction with it. For comprehensive information about system recovery, consult Part 3, "System Recovery," of the Microsoft Windows 2000 Server Operations Guide volume of the Microsoft Windows 2000 Server Resource Kit.

Tape Backup

Magnetic tape is the primary backup medium in use today. Drive types include digital audio tape (DAT), quarter-inch cartridge (QIC), 8mm cassette, and digital linear tape (DLT). Such devices are almost always connected via a SCSI controller. Please bear the following in mind:

When dealing with tape, always perform two backups—there should never be a situation in which there is only a single copy of critical data.
When dealing with tape, a physical fault in a tape drive could result in damage to the media. You should therefore never put another restore tape into a drive that has just failed to read the previous one.
When dealing with tape, some magnetic media degrades over time, so information on tapes should be recycled and refreshed over a well-defined schedule. The most robust tape system that you can buy is DLT. You really shouldn't be entrusting important data to DAT or QIC tapes.
When dealing with tape, a policy of backup verification should also be in place to prove validity.
When dealing with tape, an up-to-date set of backups should be stored off-site in the event of a natural disaster.
When dealing with backup, you can back up to any computer to which you have a valid remote connection. This method can enable you to use a single media drive that can be shared and used for an entire network.
When dealing with backup, any network backup taking place will degrade the performance of the underlying network.

Testing Your Backups

There are two levels of backup verification:

Validating that all files have actually been backed up
Validating that all files can be restored

The Windows 2000 Backup program can be used to verify a backup against the original files to help prove the validity of the backup. However, even though this procedure is performed on a live system, there will be files that have been changed since the last backup and some of the verifications will be out of date. Hence, the last backup times should be taken into consideration when examining the backup log.

The only way to prove that a system can be restored from a backup set is to perform an actual restore. To avoid disruption of the production environment, the restore can be performed on a system that is offline, provided that it has an identical hardware configuration (such as a tape backup device) to the original. It's also important that once the restore procedure has been proved, any changes to the underlying system such as the addition of hardware (for example, a new or different disk controller) should be followed by a backup and a verified restore.

CAUTION
If you make changes to the hardware of your systems, you might be unable to restore backups that were taken previously unless the tape drive and tape controller are supported in the configuration.

The Windows 2000 Backup Program

The Windows 2000 Backup program can be started by opening Run on the Start menu and typing ntbackup. Backup provides three wizards that assist in performing a backup, performing a restore, or building a set of Emergency Repair Disks (ERDs).

Ntbackup can back up to a file instead of to a backup device. It's also possible to schedule the backup from within the program. Previous versions of backup were started by a batch file that had to be scheduled by hand.

There are five backup modes:

Copy. The files are copied and their archive bits are not cleared.
Backup. The files are backed up and the archive bit on each file is cleared. If there are any subsequent changes to the file, the archive bit is set.
Incremental. Only those files with an archive bit set are backed up. The archive bit is then cleared. Incremental backup removes the need for a complete backup because only the files that have changed since the last backup are saved. To create an up-to-date system from backups, the full backup must be applied first, followed by each of the incremental ones.
Differential. Only those files with an archive bit set are backed up. However, the archive bit on those files isn't cleared, so each differential backup will contain all the files that have been changed since the last backup. The restore is therefore quicker because only the most recent differential backup needs to be applied.
Daily. Only those files that have had their archive bit set today are backed up. Daily backup is used to allow you to organize your backups to easily locate previous generations of files on tapes.

System State Data

In previous versions of Windows NT, the backup program provided the option to back up the registry along with the data files being stored. In Windows 2000, this information is referred to as the system state data, which is made up of the following:

Boot files, including system files
The entire Active Directory schema configuration, attributes, and values
The Sysvol folder
Certificate services
The registry
Performance counters
The Components Services Class registration database

All of these items are saved and restored automatically. An option to back up system-protected files in addition to the system state data is provided in the advanced backup options.

NOTE
If a backup set containing the system state data is restored to an alternate location (in other words, a drive, computer, or directory different from the source), Active Directory directory services, the Certification Services database, and the Components Services Class registration database aren't restored.

File Systems in a Backup

It's possible to back up and restore to and from any of the supported Windows 2000 file systems. As with previous versions of backup, when restoring a backup created from an NTFS drive to drives using FAT 16 or FAT 32, all the file ownership and protection is removed.

CAUTION
If data from a Windows 2000–version NTFS volume is restored to a Windows NT 4.0–version NTFS volume, this can result in the loss of security, quotas, and directory attributes.

Security in a Backup

Because it's possible to overcome file-system security by backing up and restoring files, it's important to restrict the number of personnel who can perform these tasks. For medium- and high-security installations, the right to back up should be given to some operators and the right to restore to others.

Windows NT and Windows 2000 Backup

During the migration, a domain might contain Windows 2000 servers and Windows NT BDCs. In this configuration, you can run the Windows NT backup program on the Windows NT servers and the Windows 2000 backup program on the Windows 2000 servers.

TIP
You might want to consider third-party backup systems because they have several advantages, such as the ability to back up open files.

Imaging During a Migration

Imaging a system involves making a complete copy of the partition information, programs, and data on a volume, either by performing a direct copy to a set of CDs or by transferring the image over a network connection. Because the imaging process drives the disks at a low level, it can be performed quickly.

TIP
Although you can use the Windows NT backup program to perform these back-ups, it is strongly recommended that whenever possible disk imaging be used instead. Imaging provides a quick way to restore the situation prior to the upgrade attempt, which will both speed up the recovery process and also allow faster retries if a migration fails.

Imaging can be used to good effect during a migration. It provides a means of taking a snapshot of a system. There are three main benefits of imaging:

It's faster to rebuild a server from an image copy than by restoring it from tape.
Two copies of an image can be easier to manage than maintaining two copies of every tape.
You can take the image and use it as live data in your test facility, provided the hardware in your test lab is the same as the hardware on the server you image.

The disadvantage to an image is that your users won't be able to access the server while the image is being created. Wherever possible, you should consider imaging as an alternative method for one of the data recovery milestones.

Windows 2000 Recovery Console

The Windows 2000 Recovery Console is a text-mode command interpreter. It can be used to attempt to recover from damage done to disks or Windows system files without resorting to a complete restore, which would require the use of Emergency Repair Disks. To access the Recovery Console, follow these steps:

Run the setup process by, for example, booting from the Windows 2000 installation CD.
When the Welcome To Setup dialog box appears, press the R key for Repair.
On the Windows 2000 Repair Options screen, press C to start the Recovery Console.
Enter the Recovery Console administrator's password. (In this book, you set the password to secret).

TIP
You can preinstall the Recovery Console on a working Windows 2000 installation by inserting the Windows 2000 installation CD and typing at a command prompt: D:\i386\winnt32.exe /cmdcons, where D is the letter of the CD-ROM drive. Then the Recovery Console will be available at boot time on the Windows 2000 startup menu. In a rare case where you can't boot from the hard disk at all, you'll need to fall back to the previous steps to access the Recovery Console directly from the installation CD.

Once the correct password has been entered, the Recovery Console will start. You'll see a command prompt and be able to read and copy files and perform other actions.
Type help for a list of available commands.

CAUTION
The commands available in the Recovery Console are powerful. It's possible to change partition information, rebuild disks (using Diskpart), start and stop services (using Enable), and perform a variety of low-level actions. Use it with care to avoid causing further damage to a system.

Although you can use the Recovery Console to read files from floppy disks and CD-ROMs, permission is required to allow users of the Recovery Console to save information to the floppy disk. This permission can be modified by changing the appropriate Recovery Console security option, as shown in Figure 12.2.

click to view at full size.

Figure 12.2 Setting Recovery Console security

The Repair Disk

In the preceding section, you pressed the R key when booting from the Windows 2000 installation CD to start the Recovery Console. If you had pressed R on the Repair Options screen instead, you would have been prompted to insert an Emergency Repair Disk. The Emergency Repair Disk allows you to repair the boot sector and check the Windows 2000 system files and startup environment. Remember that the ERD must have been created before you need to use it. To create the Emergency Repair Disk, follow these steps.

At a Windows 2000 command prompt, type ntbackup.
On the Windows 2000 Backup opening screen, click the Emergency Repair Disk button.
The Windows 2000 Backup program will prompt you to insert a floppy disk.
Insert the disk and click OK.
Backup will then create your repair disk, as shown in Figure 12.3.

Figure 12.3 Creating an Emergency Repair Disk

Data Recovery Milestones

Obviously, a full backup of the entire system should be performed prior to starting the migration. There will be other well-defined points at which the system should be backed up so that a failure at any phase won't require a complete return to the premigration situation. These backup points should be planned as part of the migration process. Depending on the migration, milestones at which full backups should be performed are shown in Table 12.1.

Table 12.1 Data Backup Milestones

Milestone	Backup Windows NT Source	Backup Windows 2000 Destination
Creation of pristine environment		Yes
Migration of DNS, DHCP, or WINS services (before and after)	Yes	Yes
Upgrade of a PDC in a domain (before and after)	Yes
Upgrade of a BDC in a subnet (before and after)	Yes
Successful migration of users, groups, and machines (before and after)	Yes	Yes
Before decommissioning source domains	Yes

A proliferation of backup methodologies exists. As storage becomes larger, it is increasingly essential that the restore process doesn't take several days. If your budget allows, in addition to tape technologies, look at storage area networks and subsystems that use hard disks as the backup methodology. Using storage area networks is a method of storing all information on an array of hard disks that are separate from all servers and accessed via the LAN.

Practice: Performing a Backup

In this practice, you'll use the Windows 2000 Backup wizard to back up the user directory on TRAINKIT1.

Log on to TRAINKIT1 as Administrator with the password secret.
Open Run from the Start menu.
Type ntbackup and press Enter.
Windows 2000 Backup will now start, as shown in Figure 12.4.

Figure 12.4 Windows 2000 Backup
Click the large Backup Wizard button.
When the Backup Wizard appears, click Cancel to close it.
Now you'll see the Backup window shown in Figure 12.5. Your screen will differ according to the number of drives in your system.

Figure 12.5 Backup Selection screen
Ensure that the System State check box is clear because you don't want to back it up in this practice.
Double-click drive C: in the left pane and select the check mark next to the Tools folder to back up this folder.
Click the Browse button in the Backup window.
Type the file name Safety into the File Name box of the Open dialog box and then click the Open button.
Click the Start Backup button to begin the backup process.
The Backup Job Information dialog box will appear and summarizes the backup options selected. It also allows you to select whether to append the saved information and to schedule backups, as shown in Figure 12.6.

Figure 12.6 Backup Job Information dialog box
Before you perform the backup, you'll request that it be verified. Click the Advanced button to display the Advanced Backup Options dialog box.
Select the Verify Data After Backup check box, as shown in Figure 12.7.

Figure 12.7 Advanced Backup Options dialog box
Click OK to close the Advanced Backup Options dialog box.
Click the Start Backup button.
The backup will now start and the Backup Progress dialog box will be displayed, as shown in Figure 12.8.

Figure 12.8 Backup Progress dialog box
Once the backup is complete, click the Report button in the Backup Progress dialog box to view a report on the backup process, as shown in Figure 12.9.

Figure 12.9 Backup report
Close the report window, close the Backup Progress dialog box, and then close the Backup program.
Experiment further with the backup process by using the Restore and Schedule tabs of the Backup program.

Lesson Summary

In this lesson, you learned the importance of the backup in a migration. You saw the different forms of backup that can be performed and the key features of the Windows 2000 Backup program. You also learned about the value of creating images of volumes, as well as the availability of enhanced third-party backup programs. In addition, you learned the importance of verifying that a backup has been performed correctly and that it can be used to rebuild a system from scratch. Finally, you identified a set of milestones in the migration at which points the systems are to be backed up.